
Paul Mockapetris On The Future of DNS

timothy posted more than 10 years ago | from the smooshing-in-extra-stuff dept.

The Internet 188

penciling_in writes "In a CircleID article called Letting DNS Loose, Paul Mockapetris, the inventor of DNS and Chief Scientist and Chairman of Nominum, gives a good indication of what is to be expected in the upcoming years when it comes to data riding on DNS: "RFID tags, UPC codes, International characters in email addresses and host names, and a variety of other identifiers could all go into DNS, and folks have occasionally proposed doing just that. It's really just a question of figuring out how to use the DNS -- it's ready to carry arbitrary identifiers." According to Paul, there are 40 or so data types to be added to DNS: "In fact the whole ENUM scheme is built out of classical DNS technology, and NAPTR is really just the latest data type to be added to the DNS. NAPTR is also just an extension of SRV, which was an extension of MX, which are DNS data types that Active Directory uses to start itself and the Internet uses to route each piece of mail." Paul also clarifies the recent BBC story previously discussed here on Slashdot."


188 comments


Don't forget... (-1)

SCO$699FeeTroll (695565) | more than 10 years ago | (#7898220)

...to pay your $699 licensing fee you cock-smoking teabaggers.

TROLLKORE ARE DEAD (-1, Troll)

fastidious edward (728351) | more than 10 years ago | (#7898292)


' . . troll .-. llort . . ` trollkore dead, imposters remain
| t.. kore {{@}} erok ..t ` trollkore dead, imposters remain
' r.. +gnaa 8@8 aang+ ..r ` trollkore dead, imposters remain
| o.. +clit 888 tilc+ ..o ` trollkore dead, imposters remain
' l.. ... . 8@8 . ... ..l ` trollkore dead, imposters remain
| l.. ... . )8( . ... ..l ` trollkore dead, imposters remain
' k.. (@)__/8@8\__(@) ..k ` trollkore dead, imposters remain
| o.. .`~"-=)1(=-"~`. ..o ` trollkore dead, imposters remain
' r.. ... . |.| . ... ..r ` trollkore dead, imposters remain
| e.. .8. . |.| . .8. ..e ` trollkore dead, imposters remain
' +.. ... . |F| . ... ..+ ` trollkore dead, imposters remain
| ... ... . |O| . ... ... ` trollkore dead, imposters remain
' g.. .8. . |A| . .8. ..g ` trollkore dead, imposters remain
| n.. ... . |D| . ... ..n ` trollkore dead, imposters remain
' a.. ... . |.| . ... ..a ` trollkore dead, imposters remain
| a.. .8. . |.| . .8. ..a ` trollkore dead, imposters remain
' +.. ... . |Y| . ... ..+ ` trollkore dead, imposters remain
| ... ... . |A| . ... ... ` trollkore dead, imposters remain
' c.. .8. . |S| . .8. ..c ` trollkore dead, imposters remain
| l.. ... . |.| . ... ..l ` trollkore dead, imposters remain
' i.. ... . |.| . ... ..i ` trollkore dead, imposters remain
| t.. .8. . |F| . .8. ..t ` trollkore dead, imposters remain
' +.. ... . |O| . ... ..+ ` trollkore dead, imposters remain
| ... ... . |A| . ... ... ` trollkore dead, imposters remain
' b.. .8. . |D| . .8. ..b ` trollkore dead, imposters remain
| s.. ... . |.| . ... ..s ` trollkore dead, imposters remain
' d.. ... . \./ . ... ..d ` trollkore dead, imposters remain
| ... .8. .. ^ .. .8. .., ` trollkore dead, imposters remain


TROLLKORE ARE DEAD. GNAA ARE DEFEATED.

In a CircleID article called Letting DNS Loose, Paul Mockapetris, the inventor of DNS and Chief Scientist and Chairman of Nominum, gives a good indication of what is to be expected in the upcoming years when it comes to data riding on DNS: "RFID tags, UPC codes, International characters in email addresses and host names, and a variety of other identifiers could all go into DNS, and folks have occasionally proposed doing just that. It's really just a question of figuring out how to use the DNS -- it's ready to carry arbitrary identifiers." According to Paul, there are 40 or so data types to be added to DNS: "In fact the whole ENUM scheme is built out of classical DNS technology, and NAPTR is really just the latest data type to be added to the DNS. NAPTR is also just an extension of SRV, which was an extension of MX, which are DNS data types that Active Directory uses to start itself and the Internet uses to route each piece of mail." Paul also clarifies the recent BBC story previously discussed here on Slashdot.

Re:TROLLKORE ARE DEAD (-1)

WellAren'tYouJustThe (705433) | more than 10 years ago | (#7898311)

Well aren't you just the burner of Karma. And how come you haven't got the 72 hour ban yet?

Re:TROLLKORE ARE DEAD (-1, Offtopic)

Shit...that's a good (651209) | more than 10 years ago | (#7898360)

Shit...that's a good nickname!

Re:TROLLKORE ARE DEAD (-1)

WellAren'tYouJustThe (705433) | more than 10 years ago | (#7898381)

Well aren't you just the fellow theme-troll.

Re:TROLLKORE ARE DEAD (-1, Offtopic)

Shit...that's a good (651209) | more than 10 years ago | (#7898404)

Shit...that's a good troll.

DO NOT (-1, Offtopic)

fastidious edward (728351) | more than 10 years ago | (#7898422)

Stand beside Trollkore, a decaying mass will infect all those near. Trollkore have been decimated. They are no more. They have been defeated. The GNAA are nowhere to be seen. Trollkore are dead.

First post (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7898231)

wooo hooo....I can finally set up an email box in cyrillic.

Re:First post (0)

Anonymous Coward | more than 10 years ago | (#7898299)

I always thought the whole point of DNS was to be human friendly, now they're going to go and break it by adding all kinds of crazy characters. I will not be Cypher in The Matrix, or if I must be I want a free steak dinner! And call me Mr. Schwarzenegger!

You saw it coming. (3, Redundant)

GregThePaladin (696772) | more than 10 years ago | (#7898243)

I, for one, welcome our new DNS overlords. Please, don't hate me.

Re:You saw it coming. (1, Offtopic)

The Human Cow (646609) | more than 10 years ago | (#7898350)

I'd love to know how the first post for this story got modded "Redundant".

Re:You saw it coming. (0)

Anonymous Coward | more than 10 years ago | (#7898370)

I know, it should have been -1 It's Dead Already, damn mods!

Well... (-1, Redundant)

Anonymous Coward | more than 10 years ago | (#7898244)

I, for one, welcome our new DNS pioneering overlords!

Hmmm (3, Funny)

Shut the fuck up! (572058) | more than 10 years ago | (#7898245)

I sure hope they can resolve all the problems.

Re:Hmmm (3, Funny)

twoslice (457793) | more than 10 years ago | (#7898395)

Yeah, especially when China is coming out with their Domein system and over 50% of the DNS entries are Wong...

Re:Hmmm (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7898427)

#ping wong

Re:Hmmm (2, Funny)

gid13 (620803) | more than 10 years ago | (#7898403)

My new year's resolution is 1600 by 1200.

Oh dear god, I can't believe I just said that.

Re:Hmmm (1)

potaz (211754) | more than 10 years ago | (#7898459)

Man... bad puns are apparently your domain!

Re:Hmmm (2, Funny)

Trashman (3003) | more than 10 years ago | (#7898492)

You must be the authority on bad puns.

Re:Hmmm (1)

JPriest (547211) | more than 10 years ago | (#7898622)

Maybe they can add a DNS record for SMTP servers so we can resolve SPAM.

Re:Hmmm (1)

pergamon (4359) | more than 10 years ago | (#7898708)

I'll laugh at the parent of this comment and of the other replies, but I won't enjoy it.

BSD is Dying (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7898253)

It is official; Netcraft now confirms: *BSD is dying

One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last [samag.com] in the recent Sys Admin comprehensive networking test.

You don't need to be a Kreskin [amazingkreskin.com] to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood.

FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying.

Let's keep to the facts and look at the numbers.

OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.

Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.

All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

Fact: *BSD is dying

trollkore and clit and gnaa (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7898259)

i don't like you!!!!1!!!1@##1

hoello?

Verisign's Sitefinder (4, Insightful)

thedillybar (677116) | more than 10 years ago | (#7898271)

All the more reason to make sure this "Sitefinder" service gets shut down.

Who knows what Verisign will do when someone scans an "unregistered" barcode...

Re:Verisign's Sitefinder (1)

pjwalen (546460) | more than 10 years ago | (#7898341)

Or maybe mistype a friend's email address domain.... wildcards in MX resource records? All mistyped mail goes to the man... so be careful!

Re:Verisign's Sitefinder (1)

Tony Hoyle (11698) | more than 10 years ago | (#7898425)

I thought it was, ages ago?

OTOH every ISP round here patched bind so quickly I only saw the page once...

Maybe it's word thing (2, Funny)

tarquin_fim_bim (649994) | more than 10 years ago | (#7898282)

'classical DNS technology'

But to me classical means outdated.

Re:Maybe it's word thing (0)

Anonymous Coward | more than 10 years ago | (#7898439)

"DNS has no future" -Paul Mockapetris

Well, I guess there's not much to talk about, is there?

Re:Maybe it's word thing (0)

Anonymous Coward | more than 10 years ago | (#7898465)

To me classical means original.

Re:Maybe it's word thing (1)

DeltaSigma (583342) | more than 10 years ago | (#7898477)

To me, classical means priceless, and beyond age.

Re:Maybe it's word thing (1)

cbreaker (561297) | more than 10 years ago | (#7898651)

Ya, what you said.

Re:Maybe it's word thing (1)

wackybrit (321117) | more than 10 years ago | (#7898665)

But to me classical means outdated.

So where's the problem? The current major DNS system is outdated... by this stuff that's mentioned in the story.

the future of DNS (-1, Troll)

larry bagina (561269) | more than 10 years ago | (#7898293)

... is djbdns. Unless, of course, you like being rooted and DOSed.

Re:the future of DNS (0)

Anonymous Coward | more than 10 years ago | (#7898443)

Or unless you want to run something not created by an egomaniacal freak who wants to send TLD data over usenet.

... there are 40 or so data types.. (3, Funny)

pjwalen (546460) | more than 10 years ago | (#7898295)

I would like to propose a new "IN GEEK" resource record for DNS. So I can find myself on the internet easier!

Re:... there are 40 or so data types.. (2, Funny)

lisany (700361) | more than 10 years ago | (#7898747)

A real geek always knows where she is on the Internet.

naming conventions (4, Interesting)

Anonymous Coward | more than 10 years ago | (#7898322)

Naming conventions are pretty useless these days. The ``big'' TLDs like .com, .org, .net, etc. are all remnants from the old days when the Internet was still US-only. Nowadays we have all those country domains, which may or may not implement some scheme to indicate the type of site (.uk does, .nl doesn't).

Two things make the TLDs pretty much meaningless: a traditional TLD (.com etc.) does not necessarily indicate the type of site, and a country code does not necessarily indicate the Real World location of a site (.nu anyone?). Besides, ``location'' is a very vague notion on the Internet. If my site has a .nu domain, the server is in California, and my content comes entirely from the Netherlands, then what country does my site belong to? So perhaps we should just dispense with the current naming scheme altogether and just have one word as name for the main site (I think RealNames attempted this and failed). Instead of http://www.google.com/ one would just write ``Google'' (or maybe ``google''?), dropping the http://www which is fairly redundant when using a webbrowser (yes, I know that ``www'' indicates the hostname, but who cares what the hostname is, I just want the site), and the TLD which is basically meaningless.

Just an idea for the more-or-less distant future.

Re:naming conventions (1)

pseudochaotic (548897) | more than 10 years ago | (#7898389)

Some browsers already do this. For instance, I typed "google" into Mozilla, and got to google.com just fine.

Re:naming conventions (5, Informative)

ultrapenguin (2643) | more than 10 years ago | (#7898402)

Internet explorer can also auto-add www. + .com if you press ctrl+enter while typing the url.
so google + ctrl/enter gives you what you want.
This also seems to depend on language settings - pressing ctrl+enter with regional settings set to "japan" will prepend www. and append .co.jp

I think MYIE2 has different modifiers, ctrl+enter adds .com, shift-enter adds .net, etc.

Really? (5, Funny)

Greyfox (87712) | more than 10 years ago | (#7898495)

So whitehouse ctrl+enter...?

Re:naming conventions (1)

D-Cypell (446534) | more than 10 years ago | (#7898570)

Instead of http://www.google.com/ one would just write ``Google'' (or maybe ``google''?), dropping the http://www which is fairly redundant when using a webbrowser (yes, I know that ``www'' indicates the hostname, but who cares what the hostname is, I just want the site), and the TLD which is basically meaningless

Great idea!! Can't wait to see what happens to 'whitehouse' ;o)

Re:naming conventions (1, Interesting)

Anonymous Coward | more than 10 years ago | (#7899166)

Old versions of Netscape sent you to whitehouse.com, but every commercial browser made in the last 5 years uses a directory service and takes you to whitehouse.gov.

(I seem to remember the whitehouse.com people threatening to sue Netscape when they made this change.)

Re:naming conventions (4, Funny)

PacoTaco (577292) | more than 10 years ago | (#7898587)

Two things make the TLDs pretty much meaningless: a traditional TLD (.com etc.) does not necessarily indicate the type of site

Sure it does:

.com = porn
.net = porn
.org = porn
.
.
.

Eh, doesn't bother me (2)

1ini (629558) | more than 10 years ago | (#7898666)

My browser is smarter than that. I just write the name of the site and it automatically does an "I'm feeling lucky!" google search. Gets'em right every time!(almost)

Re:naming conventions (3, Interesting)

mauthbaux (652274) | more than 10 years ago | (#7899259)

Personally, I always thought that pr0n sites should be .sex sites... for instance teens.sex girls.sex...(or if you prefer) goat.sex It would make pr0n easier to find for those who were looking for it, and easy to avoid for those looking to avoid it.... just my 2 cents.. ~mauthbaux

mDNS & Rendezvous? (4, Informative)

AT (21754) | more than 10 years ago | (#7898333)

I'm surprised that mDNS wasn't mentioned in the context of the future of DNS. It is, after all, the technology behind Rendezvous [apple.com], Apple's protocol for automatic service advertising and configuration on local LANs. mDNS is basically just normal DNS multicasted, with some conventions on how to represent services.

mDNS is already used for zero-configuration networking, sharing iTunes playlists, and finding other iChat users on a local LAN. Since it's based on DNS, it's both simple and has mature implementations. And it's open source; Apple provides a working reference implementation for MacOS 9, MacOS X, Windows, and Posix (including Linux).

Re:mDNS & Rendezvous? (1)

Kent Recal (714863) | more than 10 years ago | (#7898610)

Thanks for the hint. I'll definitely give the Linux port a shot (can't be worse than dhcp I guess).

Re:mDNS & Rendezvous? (3, Informative)

curious.corn (167387) | more than 10 years ago | (#7898719)

It's more than that. I haven't yet seen the potential of mDNS revealed anywhere but take this example:
postgres is compiled with mDNS support, when the daemon starts it registers onto the server's mDNSResponder. You launch your data analysis app that broadcasts the query: _pgsql._tcp.local. and your server responds with netaddr/port. The app establishes the connection, you move on. This stuff IS cool. Linux efforts today are limited to tmdns that requires the server admin to manually edit a config file... sure, init scripts can do this but the idea is that you link to a lib that registers the app to the responder autonomously... howl [porchdogsoft.com] does that. It's soo cool that I break up in tears thinking back at the time I've wasted on this stuff. If only iptables had a programmatic interface to open ports rather than handcrafting config scripts your little daemon config file would be the central repository for all relevant service information... hmm, a datacenter admin's wet dream

Re:mDNS & Rendezvous? (1)

Freedom Bug (86180) | more than 10 years ago | (#7898954)

Editing config files? Compiling the ugly bulk that is Apple Rendezvous into your app?

tmdns is so much easier.

Just system("register_service --add --service=pgsql --port=#"); and it'll show up in your browser.

tmdns does things the Unix way. Now we just have to get the distributions to include tmdns, like Mandrake does. Because adding it on yourself is not a trivial task.

Bryan

Re:mDNS & Rendezvous? (4, Insightful)

Kent Recal (714863) | more than 10 years ago | (#7899033)

It does indeed sound pretty neat.
I wonder whether the additional load due to the broadcasting could become an issue on large installations. Also I'm curious whether it can somehow work across switched segments (if you want to discover hosts in a neighbour net).

While I doubt (correct me if I'm wrong..) that the broadcast mechanism could scale enough to replace old fashioned DNS it's still a nice substitute for DHCP at least.

And it definitely makes some nice playground for the p2p hackers. If you can get the auto-discovery feature basically by linking a lib and adding some syscalls then I bet we will soon see a lot of utility apps learn how to find and talk to each other over the wire.

Can't wait for the xscreensaver plugin that connects to all other xscreensavers around and uh.. launches a sproingies contest.

Re:mDNS & Rendezvous? (4, Informative)

keithmoore (106078) | more than 10 years ago | (#7899433)

mDNS is a huge mess, mostly because Apple started deploying the thing without realizing that you'd have different hosts on the same network, some using mDNS and some using DNS (since not all hosts that are connected will see the same peers) and without bothering to figure out how to keep mDNS and DNS in sync.

the last time I looked the problem still wasn't solved. but the draft [ietf.org] is in revision 27 after being taken on by an IETF working group, and still isn't done yet, which should tell you something about how ready it was for prime time when Apple shipped it.

the rest of Rendezvous (v4 linklocal addressing and DNS resource discovery) is also a huge mess, but that's another topic.

Quick Note to Timothy: (0)

Anonymous Coward | more than 10 years ago | (#7898339)

Please retitle this article to "Paul Mockapetris On The Future of Acronyms."

Thanks.

-- The Slashdot Readership

Why not an IP address? (4, Interesting)

Lxy (80823) | more than 10 years ago | (#7898354)

If it needs a [UPC|RFID|Serial number|unique ID of any kind] why not give it an IPv6 address? It's a well designed hierarchical system, and DNS is already capable of handling it.

Re:Why not an IP address? (0)

Anonymous Coward | more than 10 years ago | (#7898412)

Linux: Telling Microsoft where to go since 1991

Where? To the bank to make huge deposits?

Re:Why not an IP address? (0)

Anonymous Coward | more than 10 years ago | (#7898762)

Heh. Nice.

Re:Why not an IP address? (1)

elf-fire (715733) | more than 10 years ago | (#7898487)

The fact that something is listed in DNS does not really contradict having an IP address in any available scheme... I still prefer typing slashdot.org instead of its IP(s).

Re:Why not an IP address? (2, Funny)

MavEtJu (241979) | more than 10 years ago | (#7898980)

why not give it an IPv6 address

$ ping6 -c 5 2001:4f8:4:7:2e0:81ff:fe21:6564
--- 2001:4f8:4:7:2e0:81ff:fe21:6564 ping6 statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

Somebody stole a book!

More Basic DNS issues need to be resolved (1, Interesting)

Anonymous Coward | more than 10 years ago | (#7898379)

For example, DNS entries should have additional information stored within them, such as classifications as to whether the site is:

a) Adult

b) Shopping

c) News

d) etc.

This way, I can prevent myself from accidentally going to hidden goatse.cx links that appear under more innocuous DNS entries such as "www.welcometomysite.com".

Re:More Basic DNS issues need to be resolved (1)

pjwalen (546460) | more than 10 years ago | (#7898421)

I like to think of those sites more as "pleasant surprises!"

Re:More Basic DNS issues need to be resolved (0)

Anonymous Coward | more than 10 years ago | (#7898634)

That is the stupidest fucking idea I've ever heard. What category does a virtual hosting company get? An ISP? Content types do not match one-to-one with DNS A records.

You can have a precategorized and 'sanitized for your protection' precategorized internet, but keep it to yourself. Certainly don't get it anywhere close to the public's DNS.

Re:More Basic DNS issues need to be resolved (2, Insightful)

cbreaker (561297) | more than 10 years ago | (#7898685)

Naa, without checks and balances, which is not what the internet is based upon, all the porn sites would simply mark themselves as "news" or "games" or "shopping."

Re:More Basic DNS issues need to be resolved (1)

emptybody (12341) | more than 10 years ago | (#7899290)

Well, I suppose you could always use the IN TXT record.
@           IN SOA ns1.goatse.cx. hostmaster.goatse.cx. (
                   69 ; serial
                   3H ; refresh (3 hours)
                   1H ; retry (1 hour)
                   1W ; expire (1 week)
                   1D ; minimum (1 day)
                   )
            IN NS  ns1.goatse.cx.
            IN MX  10 mx1.goatse.cx. ; an MX record needs a preference value
_http._tcp  IN SRV 0 0 8888 www.goatse.cx.
            IN TXT "SICK AND TWISTED"
www         IN A   127.0.0.1

What I want to know (0)

Anonymous Coward | more than 10 years ago | (#7898390)

is when the hell is BIND going to support unicode?

Re:What I want to know (2, Informative)

j4y (675769) | more than 10 years ago | (#7898457)

But there is a way to implement multilingual domains without setting up an application to convert native languages to normal DNS characters as the iDNS mechanism does.

Not quite "ready" (1)

deuteron (13274) | more than 10 years ago | (#7898436)

It won't be "ready to carry arbitrary identifiers" until BIND stops rejecting unknown types. Or until everyone switches to something that works. :-)

djbdns [cr.yp.to]!

Re:Not quite "ready" (1)

strabo (58457) | more than 10 years ago | (#7898567)

It won't be ready...until BIND stops rejecting unknown types.

So, three years ago, then?

From an announcement [theaimsgroup.com] for BIND 9.1.0: "BIND 9.1.0 also includes experimental implementations of a number of DNS protocols extensions still under development in the IETF. These include transparent processing of unknown RR types..."

BIND 9.1.0 was released [theaimsgroup.com] on January 18th, 2001

Re:Not quite "ready" (1)

deuteron (13274) | more than 10 years ago | (#7898645)

So, three years ago, when BIND 9.1.0 came out, everyone immediately upgraded? See the recent article about Windows 98 support ending. We still use 98 on half of our student machines. :P

This change should never have been necessary in the first place. djbdns has supported unknown types since its inception.

Re:Not quite "ready" (1)

cbreaker (561297) | more than 10 years ago | (#7898711)

You make no sense.

First you say "it's not ready until bind stops rejecting unknown types."

Then someone proves that it doesn't and hasn't for three years.

Then you try to defend your post by saying that three years isn't long enough, that it should have always supported it, and people still use Windows 98?

Yea okay tough guy. I'm sure djbdns is very nice but there's no need to conjure up an argument against anything else.

Re:Not quite "ready" (1)

wayne (1579) | more than 10 years ago | (#7899295)

Well, yes, bind9 is supposed to support new DNS RR types. Unfortunately, from what I understand, all versions of bind9 have a bug that creates a nasty catch-22. Only RR type numbers <255 work, but those numbers are reserved for standard track RFCs, but you aren't likely to get a standard track RFC until you have shown that it works experimentally. The experimental RR type numbers don't work with bind9, so you are stuck.

I have to admit that I haven't actually tried creating new ones, so I'll defer to someone who has. See: IETF ASRG RMX mailing list: Hadmut Danisch on creating new DNS RR types [gmane.org]

Hadmut Danisch is the author of the RMX anti-spam proposal and his proposal is for a new DNS RR type of "RMX". I have little reason to doubt that he knows what he is talking about.

What a name (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7898454)

This Mockapenis guy should lay off of other people's apparatus.

Re:What a name (0)

Anonymous Coward | more than 10 years ago | (#7898530)

hey -- Paul's a nice guy from Boston. Leave him alone.

security? (4, Insightful)

MrSpiff (515611) | more than 10 years ago | (#7898490)

What about security issues? BIND has a long history of bugs and with the recent threats to the root DNS servers, I think the real issue is building a secure DNS service rather than extending the data it carries.

Re:security? (1)

MavEtJu (241979) | more than 10 years ago | (#7898755)

(Score:2, Insightful)

You're kidding, right? Score: -1: Troll.

The article talks about DNS, not a specific implementation of it. Only if you won't look further than how long your nose is, you will come up with these kind of comments.

moshi... (-1, Offtopic)

rock_climbing_guy (630276) | more than 10 years ago | (#7898508)

If kanji can be used in e-mail, can kanji be used on Slashdot???

Re:moshi... (0)

Anonymous Coward | more than 10 years ago | (#7898709)

But not everyone understands kanji, so it wouldn't be of much use, would it?

Not so sure... (3, Informative)

rritterson (588983) | more than 10 years ago | (#7898511)

DNS is great in its hierarchical nature- one can simply delegate domains to another server, which keeps whatever DNS is managing the root (like slashdot.org.) from getting overloaded with requests.

However, how is it going to work if we add Barcodes, RFIDs, etc to DNS? Are we going to create a RFID domain? RFIDs are unique numbers, AFAIK, which is more like an IP address, which is exactly what DNS is designed to avoid the usage of! Will I go buy tee.shirt.yellow.minnesota.walmart and have the register go look up the RFID and price information? That would seem backwards.

Also, we're going to need many more DNS servers if we are going to piggy back those sorts of services on the system. While I did RTFA, it seemed short on details. I would assume a retailer using DNS for RFID would have a private DNS network, much the same way Microsoft's Active Directory normally uses one (or maybe not- maybe one would just need a separate RFID network of servers, since there is nothing inherently private about RFID numbers and it might be helpful for a retailer to make the RFID lookup ability public).

Yet, that would only lead back to my original question. Are you going to separate RFIDs into domains by number and then delegate them? That seems silly- imagine trying to put MAC address lookups on DNS. Does one retailer need to be able to access the RFIDs of another? Are we going to need to create root servers for RFID lookups? Please don't use those same root servers and please don't merge the network with the same public internet DNS system.

Perhaps the article was just short on details, or maybe I missed something, but I'm wary of using DNS for the sort of system the article described- at least before more details emerge.

Re:Not so sure... (1)

JackpotMonkey (703880) | more than 10 years ago | (#7898642)

DNS is great in its hierarchical nature- one can simply delegate domains to another server, which keeps whatever DNS is managing the root (like slashdot.org.) from getting overloaded with requests.

Too bad the links posted to slashdot don't have that kind of protection....

Re:Not so sure... (0)

borgdows (599861) | more than 10 years ago | (#7898712)

...at least before more details emerge.

on Gentoo, type : emerge details

Re:Not so sure... (1)

MavEtJu (241979) | more than 10 years ago | (#7898797)

Yet, that would only lead back to my original question. Are you going to separate RFIDs into domains by number and then delegate them? That seems silly- imagine trying to put MAC address lookups on DNS.

RFIDs are unique numbers, AFAIK, which is more like an IP address, which is exactly what DNS is designed to avoid the usage of!

Please think of in-addr.arpa and ip6.int? It does exactly what you describe as your problem.

Furthermore:
DNS is great in its hierarchical nature- one can simply delegate domains to another server, which keeps whatever DNS is managing the root (like slashdot.org.) from getting overloaded with requests.

Actually, it's the caching nature of the records which prevent this. [no more nitpicking]

Re:Not so sure... (1)

MavEtJu (241979) | more than 10 years ago | (#7899093)

However, how is it going to work if we add Barcodes, RFIDs, etc to DNS? Are we going to create a RFID domain? RFIDs are unique numbers, AFAIK, which is more like an IP address, which is exactly what DNS is designed to avoid the usage of! Will i go buy tee.shirt.yellow.minnesota.walmart and have the register go look up the RFID and price information? That would seem backwards.

Euhm... the extensions are not to be used by you. Forget humans. Think machines.

Paul, Please Don't Mock My... (0)

Anonymous Coward | more than 10 years ago | (#7898525)

Oh, sorry, that's petris isn't it? My bad.

In SOVIET Russia (-1, Troll)

Anonymous Coward | more than 10 years ago | (#7898537)

In SOVIET Russia, DNS names resolve servers!

What about P2P? (2, Interesting)

SexyKellyOsbourne (606860) | more than 10 years ago | (#7898543)

Someone really should have asked him about any plans to make DNS more peer-to-peer oriented, like the recent project to make BitTorrent .torrents part of DNS, found here:

http://www.netrogenic.com/dnstorrent/ [netrogenic.com]

Re:What about P2P? (1)

cbreaker (561297) | more than 10 years ago | (#7898829)

dnstorrent doesn't make any changes to DNS, all it does is allow you to carry non-dns type data on a DNS server.

WEB/FTP (1)

Atzanteol (99067) | more than 10 years ago | (#7898545)

I'm surprised there aren't records for 'WEB' and 'FTP' and the like. Why are we still relying on well-known-ports so much? DNS could point to many different types of resources similar to 'MX'...

Re:WEB/FTP (4, Informative)

emptybody (12341) | more than 10 years ago | (#7898599)

Actually, there already are provisions for this.
The SRV record, defined in rfc2782 [ietf.org], is used to store a HOST:PORT pair.

When will browsers (or anything else for that matter) start supporting this???

Here is a (possibly outdated) list of software that supports the SRV record [vanrein.org].

Re:WEB/FTP (1)

PacoTaco (577292) | more than 10 years ago | (#7898753)

It's kind of a chicken and egg problem. You'll still have to deal with applications that expect the well-known ports. For example, if you move mail off port 25, you won't be able to receive messages from clients that can't (or won't) look up the correct port in DNS. Rather than listening in two places (and making a mess of your firewall rules) it will probably be easier to just leave things alone.

Re:WEB/FTP (1)

wayland (165119) | more than 10 years ago | (#7899050)

SRV records lack popular support. My guess is lack of demand due to ignorance on the part of many. But interestingly, Jabber wants everyone to use SRV records. This means that your Jabber ID can be the same as your e-mail address, but on a different machine. It also means that if Jabber catches on, a lot of admins are going to need to learn about SRV records. And when they learn about them, they'll use them. And when they use them, hopefully the big browser developers will recognise the demand and implement them.

Anyway...

Re:WEB/FTP (2, Insightful)

MavEtJu (241979) | more than 10 years ago | (#7898867)

I'm surprised there aren't records for 'WEB' and 'FTP' and the like.

There are three ways this has been resolved in the past and today:

- portmapper, where you ask the machine (think of it as a DNS on the machine itself for port-numbers) on which port the nfsd listens.

- hostnames: ftp.freebsd.org is the ftp-server, www.freebsd.org is the www-server. Yes, still port 21 and 80, but you can figure out which hosts to use for which protocol.

- SRV records, which you ask for a service and a domain name: _smtp._tcp.mavetju.org resolves into:
_smtp._tcp.mavetju.org. : 0 0 25 tim.barnet.com.au. (try dig _smtp._tcp.mavetju.org SRV)

So as you see, the possibilities are there, now it is the applications which have to figure out how to use it.

Edwin
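The SRV lookup discussed in the comments above (RFC 2782 owner name, priority/weight ordering, and the well-known port as fallback when no SRV record exists), as an added Python example that is not part of the thread. The `ZONE` table stands in for a resolver, and the `example.net` records and all function names are constructed for illustration.

```python
import random

# Constructed resolver stand-in; only the first entry is the record quoted in the comment above.
ZONE = {
    "_smtp._tcp.mavetju.org.": ["0 0 25 tim.barnet.com.au."],
    "_xmpp-client._tcp.example.net.": ["10 60 5222 a.example.net.",
                                       "10 40 5222 b.example.net.",
                                       "20 0 5223 backup.example.net."],
    "_ftp._tcp.example.net.": ["0 0 0 ."],  # target "." = service not offered
}

def srv_owner_name(service, proto, domain):
    """Build the RFC 2782 query name, e.g. _smtp._tcp.mavetju.org."""
    return "_%s._%s.%s." % (service, proto, domain.rstrip("."))

def parse_srv(rdata):
    """Parse presentation-format SRV RDATA: 'priority weight port target'."""
    fields = rdata.split()
    if len(fields) != 4:
        raise ValueError("SRV RDATA needs 4 fields: %r" % rdata)
    prio, weight, port = (int(f) for f in fields[:3])
    if not all(0 <= n <= 0xFFFF for n in (prio, weight, port)):
        raise ValueError("SRV field outside 16-bit range: %r" % rdata)
    return {"priority": prio, "weight": weight, "port": port,
            "target": fields[3].lower()}

def order_targets(records, rng=random):
    """Lowest priority first; weighted random order within one priority."""
    if len(records) == 1 and records[0]["target"] == ".":
        return []
    ordered = []
    for prio in sorted({r["priority"] for r in records}):
        group = sorted((r for r in records if r["priority"] == prio),
                       key=lambda r: r["weight"] != 0)  # weight 0 goes first
        while group:
            pick = rng.randint(0, sum(r["weight"] for r in group))
            running = 0
            for i, r in enumerate(group):
                running += r["weight"]
                if running >= pick:
                    ordered.append(group.pop(i))
                    break
    return [(r["target"], r["port"]) for r in ordered]

def endpoints(service, proto, domain, default_port, zone=ZONE, rng=random):
    """(host, port) candidates; well-known port on the bare domain if no SRV."""
    answers = zone.get(srv_owner_name(service, proto, domain), [])
    if not answers:
        return [(domain.rstrip(".") + ".", default_port)]
    return order_targets([parse_srv(a) for a in answers], rng)
```

An empty list from `endpoints` means the domain has published "no such service" and the client should not fall back to the well-known port.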

They're right... (3, Funny)

b00m3rang (682108) | more than 10 years ago | (#7898550)

DNS isn't nearly bloated enough. Let's make all DNS servers run Active Directory on Windows, so we can store phone numbers, golf scores, medical records, and political party affiliation. Then, since it's an 'improvement', we can all rest assured our security concerns have been addressed. Let's get BIND rock solid, then get fancy if you're into that sort of thing.

Re:They're right... (2, Informative)

0racle (667029) | more than 10 years ago | (#7898627)

New to LDAP, huh? DNS doesn't store the actual AD data, those are in datafiles on the AD servers (Ya, I was shocked at that too), DNS simply holds pointers to find the services supplied and used by the directory, just like every other use of DNS.

Heh... (1)

cybermace5 (446439) | more than 10 years ago | (#7898551)

I think he should write an article entitled "How to Survive Elementary School with a Last Name like Mockapetris."

Because, only in elementary school would someone make fun of someone else's name...wait...

Re:Heh... (1)

Bombcar (16057) | more than 10 years ago | (#7899365)

Hmm... Petru is Latin for rock, so maybe his name really is "Mockarock".....

Article Text (1, Informative)

kiwipeso (467618) | more than 10 years ago | (#7898553)

Letting DNS Loose

Jan 02, 2004 | From CircleID Empowering DNS

By Paul Mockapetris

Most folks tend to think of the DNS as a way to map ASCII host names to IP addresses, perhaps www.nominum.com to 10.0.01 or some such.

I believe that when Vint talks about "escaping the bonds of DNS", [see BBC's report and Doug Mehus' CircleID report] he's really talking about letting it loose rather than replacing it.

In the case of ENUM and NAPTR, all we are doing is saying that "domain names can carry phone numbers, so why not let them". NAPTR is a DNS data type, so we aren't replacing DNS with NAPTR, that would make no sense. In fact the whole ENUM scheme is built out of classical DNS technology, and NAPTR is really just the latest data type to be added to the DNS (there's 40 or so). NAPTR is also just an extension of SRV, which was an extension of MX, which are DNS data types that Active Directory uses to start itself and the Internet uses to route each piece of mail.

RFID tags, UPC codes, International characters in email addresses and host names, and a variety of other identifiers could all go into DNS, and folks have occasionally proposed doing just that. It's really just a question of figuring out how to use the DNS -- it's ready to carry arbitrary identifiers. And by the way, this isn't a new idea, see RFC 1101 for proof, although even earlier I designed the DNS in the early 1980s to allow it to be so, but it seemed too far fetched to document for a while.

But don't think that I'm claiming to have solved the whole problem. What I certainly didn't anticipate was the political, legal, and commercial fight that would come with it. These squabbles behind ENUM and RFID use of DNS are really the problem, not the technology, although there may be ways to help with more technology. I was in Geneva for a WSIS meeting of CTOs, and was surprised that the various organizations (ITU, ICANN, ISOC) haven't figured out that they need each other to make this technology work, rather than asserting ownership.

While it is inevitable that the DNS gets replaced, I think there could be far more usage and opportunity if the political aspects were addressed coherently, and if the technology types just let experimentation happen, rather than trying to make rules about how the DNS is used.

It's the politics, not the technology (5, Insightful)

BritGeek (736361) | more than 10 years ago | (#7898632)

While the main point of the article is interesting, the rather depressing part - about the politics of the ITU, ICANN, etc. - is that unless we can get these oafs to work together, we are totally hosed. Having witnessed some of the machinations that go on in at least a couple of these groups, I despair of whether we will get anything rational out of all of this. (I would much, much rather see sausages being made, than see these groups "working" again...)

Why? (1)

Hard_Code (49548) | more than 10 years ago | (#7898679)

Isn't the design of DNS especially relevant to host names because hosts, and hence host names are dynamically distributed?

Why would it necessarily follow that we would want to use DNS to store other arbitrary types of data (that do not necessarily have a decentralized nature) instead of a central database?

Too complicated, I don't think so (3, Insightful)

bigberk (547360) | more than 10 years ago | (#7898680)

Give me a break. DNS itself is virtually unchanged over all these years. You've pretty much got SOA, NS, A, CNAME, and MX records and some other record types for meta information. RFID? Active Directory? Ppphtt.

Re:Too complicated, I don't think so (1)

MavEtJu (241979) | more than 10 years ago | (#7898925)

Too complicated

Not really. Very easy to query, very easy to debug. (the magic is in the backend of the DNS server which has all the data).

I think the thing is that you don't know the problems people have ("I have this shitload of data and I need people all over the world to be able to query it, how can I do this in a distributed and efficient way?")

Sometimes you need to look further than the size of your nose ;-)

Edwin

How about fixing bind 9 ? (5, Informative)

Anonymous Coward | more than 10 years ago | (#7898853)

Let's see...
  • rrset-order is still broken.
  • GSS-TSIG support is still missing.
  • Strange multi-threading bugs still exist
  • Awful security history isn't behind it yet.
Oddly enough, the expensive Nominum commercial product has all these things fixed and BIND does not, even though ISC and Nominum are the same set of folks, in the same building.

Does this sound like bullshit to you ? If so, see the following:

  • Read the bottom parts of this [cr.yp.to] and the links at the bottom of this [cr.yp.to]
  • Nominum/ISC relationship described here [cr.yp.to]
Of course, the trouble is that there's not many alternatives. DJBDNS [cr.yp.to] is stable, but missing features and has an odd "semi-open-source" license. ( Also, if you read some of the links, Dan's a really cranky source of support :) PowerDNS [powerdns.com] is promising, but just got recursion.

AAARRGGHH.

DNS is antiquated and will always be so (-1, Troll)

laugau (144794) | more than 10 years ago | (#7899004)

I prefer to use /etc/hosts for all of my name resolutions because DNS is just too damned slow.